SoylentNews

Arthur T Knackerbracket has processed the following story:

Efficiency and scalability are key benefits of enterprise cloud computing, but they come at a cost. Security threats specific to cloud environments are the leading cause of concern among top executives and they're also the ones organizations are least prepared to address.

That's according to PwC's latest cybersecurity report, released today, which showed that cloud threats are the biggest security concern for most (42 percent) business leaders.

The top five threats, according to PwC's 4,020 respondents, comprise hack and leak operations (38 percent), third-party breaches (35 percent), attacks on connected products (33 percent), and ransomware (27 percent).

If you've just read that and questioned why ransomware is so low on the list, you might be a CISO. The level of concern about ransomware jumped to 42 percent when analyzing responses from CISOs alone.

[...] All the threats that feature in execs' top five deemed "most concerning" are perhaps unsurprisingly also the same as the threats organizations feel least prepared to address, although not quite in the same order.

[...] Of course, it wouldn't be a cybersecurity report in 2024 unless AI got its moment in the spotlight.

Despite generative AI being used for good in many cases, and the majority (78 percent) increasing their investment in the tech in the past year, it's the primary contributor to the widening attack surface faced by organizations.

More than two-thirds of respondents (67 percent) said genAI increased their susceptibility to attacks "slightly" or "significantly" – the most significant factor of any in the past year, although cloud was only narrowly behind at 66 percent.

Freeman writes:

https://arstechnica.com/ai/2024/09/ai-defeats-traffic-image-captcha-in-another-triumph-of-machine-over-man/

Anyone who has been surfing the web for a while is probably used to clicking through a CAPTCHA grid of street images, identifying everyday objects to prove that they're a human and not an automated bot.
[...]
ETH Zurich PhD student Andreas Plesner and his colleagues' new research, available as a pre-print paper, focuses on Google's ReCAPTCHA v2, which challenges users to identify which street images in a grid contain items like bicycles, crosswalks, mountains, stairs, or traffic lights. Google began phasing that system out years ago in favor of an "invisible" reCAPTCHA v3 that analyzes user interactions rather than offering an explicit challenge.
[...]
To craft a bot that could beat reCAPTCHA v2, the researchers used a fine-tuned version of the open source YOLO ("You Only Look Once") object-recognition model, which long-time readers may remember has also been used in video game cheat bots.

Original Submission

Arthur T Knackerbracket has processed the following story:

The UK's last coal plant will sigh out its final pollutants Monday before shutting down for good and officially ending the country's century and a half of coal production. Nottinghamshire's Ratcliffe-on-Soar plant was the last of its kind following Britain's 2015 commitment to close all coal power plants by 2025. Ratcliffe was originally scheduled to shut down in 2022 but stayed open after Russia invaded Ukraine and Europe entered a gas crisis.

The Ratcliffe plant once had 3,000 engineers but only employs 170 staff now. That group will gather to watch a livestream of the plant being turned off, and over 100 of them are set to work on decommissioning the plant over the next two years. Many of the other employees will enter new jobs at different power plants owned by Uniper, Raticliffe's German owner, while others will enter training programs to work on other aspects of the industry.

Britain opened the world's first coal power plant in 1882, London's Holborn Viaduct, with the help of Thomas Edison's Edison Electric Light Company. Coal has played a major part in the UK until very recently. According to a report from energy think tank Ember, coal was responsible for 39 percent of the UK's energy supply in 2012 but shrunk to just two percent in 2019. The decrease in coal production was reportedly equal to double the amount of all greenhouse gases used in the UK in 2023. Between 2012 and 2023, wind and solar generation also increased from six percent to a 34 percent share of the UK's energy. Britain still has a long way to go, but this step has made it the first G7 country to remove all coal power production.

Original Submission

Arthur T Knackerbracket has processed the following story:

The latest release of the de facto default desktop of most Linux distros brings some new features – but the GNOME 4x transition isn't done yet.

GNOME 47 was released last week, codenamed "Denver" after the venue for this year's GUADEC event. This release returns some touches of customization that had gone away, brings some long-wanted functional improvements, and a few new components.

Both Ubuntu 24.10 and Fedora 41 are in beta testing, and both should arrive in the middle of October with GNOME 47 as their default desktop environments. You can't fully judge GNOME 47 from Ubuntu "Oracular Oriole," though. Canonical tweaks the GNOME desktop environment a little with some pre-installed extensions to make it a little more familiar to long-term Ubuntu users. For instance, Ubuntu's default GNOME desktop has desktop icons, notification icons in the top panel, a permanent dock along the left screen edge, and a tool to assist with tiling windows. Fedora eschews these changes and ships a largely unmodified version, so it's much closer to the stock appearance.

GNOME 47 lets you set your own highlight color, so you're free to pick clashing combinations if you like – click to enlarge

The new feature that receives top billing in the version 47 release notes may thus seem a little puzzling to Ubuntu users: customizable accent colors. This is the color tint that's used to call out or highlight parts of the desktop, such as the current tab or the default button. Ubuntu users already had this, and if you're using GNOME 43 to 46 on a different distro, you can get this via an extension. Now everyone gets this option.

This is noteworthy because since GNOME 40, the environment doesn't permit users to customize their themes. As we described when we looked at GNOME 42, there is one official theme, "Adwaita," and both developers and users are meant to leave it alone, which has proved to be controversial. The Reg FOSS desk tends to leave theming to the professionals, and GNOME has some of the best in the business. GNOME designer Jakub Steiner's level of attention to detail can be discerned from his blog post about the wallpapers in GNOME 47.

[...] The new Text Editor app, which replaces the venerable Gedit, gets better printing and spellcheck. The new GNOME Console terminal emulator has more settings, such as scrollback size. GNOME Maps now has route planning, thanks to the external Transitous service. GNOME Calendar now has drag-and-drop import of ICS files for events, and better network calendar support. GNOME is still one of the best-of-breed FOSS environments for supporting network interoperability with cloud services, and this version gets better support for IMAP config, WebDAV, Microsoft 365, and more efficient Kerberos authentication. The Remote Desktop Connection app can now handle persistent sessions, meaning that it can resume a disconnected login session.

Freeman writes:

https://arstechnica.com/gadgets/2024/09/microsoft-details-security-privacy-overhaul-for-windows-recall-ahead-of-relaunch/

Microsoft is having another whack at its controversial Recall feature for Copilot+ Windows PCs, after the original version crashed and burned amid scrutiny from security researchers and testers over the summer. The former version of Recall recorded screenshots and OCR text of all user activity, and stored it unencrypted on disk where it could easily be accessed by another user on the PC or an attacker with remote access.

The feature was announced in late May, without having gone through any of the public Windows Insider testing that most new Windows features get, and was scheduled to ship on new PCs by June 18; by June 13, the company had delayed it indefinitely to rearchitect it and said that it would be tested through the normal channels before it was rolled out to the public.

Today, Microsoft shared more extensive details on exactly how the security of Recall has been re-architected in a post by Microsoft VP of Enterprise and OS Security David Weston.

Previously on SoylentNews:
Microsoft Will Try the Data-Scraping Windows Recall Feature Again in October - 20240822
"Recall" Will Now Be Opt-In: Microsoft Changes New Windows AI Feature After Backlash - 20240610
Total Recall: Microsoft Dealing With Trust Issues - 20240609
Windows Co-Pilot "Recall" Feature Privacy Nightmare - 20240524

Original Submission

canopic jug writes:

The Register is reporting that the US Army has ordered a new round of wheeled, equipment hauling robots.

The Small Multipurpose Equipment Transport Increment II (S-MET II) is set to be built by American Rheinmetall Vehicles and HDT Expeditionary Systems, the Army said. The pair were awarded a combined total of $22 million for eight prototype vehicles to be delivered at an unspecified future date.

There is also an official press release:

The second increment seeks to double that payload capacity while adding several improvements identified by Solders during evaluation and operation. Those improvements include: [...]

Previously:
(2017) US Army Brings Robotic Vehicles and UAVs Together in Combat Demonstration

Original Submission

Arthur T Knackerbracket has processed the following story:

As AMD flexes its muscles in the AI game, it is not only introducing new hardware but is betting on software too, trying to hit new market segments not already dominated by Nvidia. 

Thus, AMD has unveiled its first small language model, AMD-135M, which belongs to the Llama family and is aimed at private business deployments. It is unclear whether the new model has to do anything with the company's recent acquisition of Silo AI (as the deal has to be finalized and cleared by various authorities, so probably not), but this is a clear step in the direction of addressing the needs of specific customers with a pre-trained model done by AMD - using AMD hardware for inference.  

The main reason why AMD's models are fast is because they use so-called speculative decoding. Speculative decoding introduces a smaller 'draft model' that generates multiple candidate tokens in a single forward pass. Tokens are then passed to a larger, more accurate 'target model' that verifies or corrects them. On the one hand, this approach allows for multiple tokens to be generated simultaneously, yet on the other hand this comes at the cost of power due to increased data transactions.  

[...] AMD believes that further optimizations can lead to even better performance. Yet, as the company shares benchmark numbers of its previous-generation GPUs, we can only imagine what its current-generation (MI300X) and next-generation (MI325X) could do. 

Original Submission

Arthur T Knackerbracket has processed the following story:

Oracle could choose to take control of Ampere Computing, the Arm processor designer it has backed and uses in its cloud.

A proxy statement [PDF] filed on Wednesday reveals that Oracle held 29 percent stake in Ampere as of May 31, 2024, and has the option to gain majority control over the chip house in 2027.

"The total carrying value of our investments in Ampere, after accounting for losses under the equity method of accounting, was $1.5 billion as of May 31, 2024," the filing reads.

Oracle also revealed it extended $600 million in loans in the form of convertible debt to Ampere during its 2024 fiscal year, on top of $400 million in debt given during the prior fiscal year.

Ampere's debts are set to mature beginning June 2026, when Oracle will have the option of converting those investments into additional equity in the chip startup. "If either of such options is exercised by us or our co-investors, we would obtain control of Ampere and consolidate its results with our results of operations," the filing explains.

According to the document, Oracle spent roughly $48 million on Ampere processors during its 2023 fiscal year – some of it direct with Ampere and some through a third party. By comparison, Big Red spent just $3 million on Ampere's chips and had $101.1 million worth of products available under a pre-payment order by the end of fiscal year 2024.

This is despite the fact that Oracle is aggressively expanding its datacenter footprint to address growing demand for AI infrastructure. These efforts have included the deployment of massive clusters of GPUs from Nvidia and AMD with the largest campus developments nearing a gigawatt in scale.

[...] Despite being one of the first to successfully commercialize an Arm-compatible datacenter-grade microprocessor – and winning customers including Microsoft and Google – Ampere faces growing competition not only from the likes of Intel and AMD, but its own customers.

To compete with Ampere's 192-core chips, Intel and AMD have competing products with 128 to 288 cores. Meanwhile, Microsoft and Google have announced custom Arm silicon of their own with their Cobalt and Axion chips respectively. Meanwhile, Arm itself has been pushing its Compute Subsystems (CSS) offering for customers that want a customized chip but can't be bothered to design one from the core up.

Original Submission

Arthur T Knackerbracket has processed the following story:

SpaceX celebrated the first human spaceflight from its Cape Canaveral launch site on Saturday, and while the two humans aboard the Crew Dragon Freedom are safely on their way to the International Space Station, a problem arose with the rocket's second stage that prompted the company to shut down future launches for now.

"After today's successful launch of Crew-9, Falcon 9's second stage was disposed in the ocean as planned, but experienced an off-nominal deorbit burn," SpaceX posted on X. "As a result, the second stage safely landed in the ocean, but outside of the targeted area. We will resume launching after we better understand [the] root cause."

The first victim of the shutdown was a planned launch Sunday from California of a Falcon 9 with a plan to send up the OneWeb Launch 20 mission for EutelsatGroup.

The Federal Aviation Administration still has that launch on its operations plan advisory for as early as Oct. 1, but the last two times SpaceX had an "off-nominal" issue with a Falcon 9 launch, the FAA had grounded the rocket.

The most recent was a fiery landing of a Falcon 9's first-stage booster last month during a Starlink mission.

"The FAA investigates commercial space incidents to determine the root cause and identify corrective actions so they won't happen again," the FAA said in a statement after that incident.

[...] Any significant delay in launches could affect the upcoming Falcon Heavy launch of NASA's Europa Clipper mission to send a massive satellite to Jupiter's icy moon Europa.

That flight is slated to fly as early as Oct. 10 from Kennedy Space Center's Launch Complex 39-A.

Original Submission

Arthur T Knackerbracket has processed the following story:

The M87 galaxy is monstrous.

It contains several trillions of stars, compared to our Milky Way's hundreds of billions. And the supermassive black hole at its center is shooting an outstretched beam of energy into space. The Hubble Space Telescope, operated by NASA and the European Space Agency, has captured a new image of this energetic cosmic event, which produces a beam of superheated gas 3,000 light-years long (a single light-year is nearly 6 trillion miles).

NASA calls this jet "blowtorch-like," and it seems to be triggering many stars near its trajectory to erupt.

"We don't know what's going on, but it's just a very exciting finding," Alec Lessing of Stanford University, who led the research into the finding, said in an agency statement. "This means there's something missing from our understanding of how black hole jets interact with their surroundings."

In the Hubble telescope image below, the colossal elliptical galaxy M87, which is shaped like a giant egg, looks like "a translucent, fuzzy white cotton ball," ESA explained. The jet, as you can see, is the wavy blue beam blasting out from the galactic core, home to the supermassive black hole (it has the mass of 5.4 billion suns).

As the jet shoots through the galaxy, astronomers suspect it's triggering a type of stellar explosion called a "nova." These eruptions happen in double-star systems with an aging star — which is bloated and shedding its layers — and a white dwarf star, which is the hot core of a sun-like star that has shed its mass. The swollen star dumps material (hydrogen) on the white dwarf. "When the dwarf has tanked up a mile-deep surface layer of hydrogen that layer explodes like a giant nuclear bomb," the agency explained. And then the gradual process renews.

Original Submission

Arthur T Knackerbracket has processed the following story:

Beijing has published its proposed regulations for satellite broadband, including a requirement that operators conduct censorship in real time.

In its latest draft rules, the Cyberspace Administration of China proposes any organization or individual using terminal equipment with direct connection to satellite services is not allowed to "produce, copy, publish, or disseminate content prohibited by laws and administrative regulations, such as content that incites subversion of state power, overthrows the socialist system, endangers national security and interests, damages the national image, incites secession of the country, undermines national unity and social stability, promotes terrorism, extremism, ethnic hatred, ethnic discrimination, violence, pornography, and false information."

It clarifies that terminal equipment includes civilian handheld, portable, and fixed terminals, as well as terminals installed on aircraft, ships, and vehicles – essentially any device that enables users to access satellite communication systems for voice calls, text messaging, and data exchange.

The document states that providers must align their operations with national security and network security requirements, and prevent illegal activities.

This includes complying with China's cyber security, data security, and personal information protection laws – plus potentially being responsible for users' activities.

"If a terminal equipment direct satellite service provider finds that a user has published or transmitted information prohibited by laws and regulations, it shall immediately stop the transmission, take measures such as elimination in accordance with the law, preserve relevant records, and report to the relevant competent authorities," stipulates the CAC.

The draft rules further include articles that would make tracking of providers and users easier. This includes requiring providers to:

• Obtain licenses and approvals, whether telco, radio frequency related or otherwise;
• Collect real identity information from those using its services, as China already requires of telcos;
• Integrate monitoring and supervision into their platforms to allow Beijing's oversight;
• Locate ground facilities – such as gateway stations and Earth stations – and user data on Chinese soil. Any data that does need to go overseas must be processed through a gateway approved by the telecommunications regulatory department of the State Council.

The rules even go so far as to require anyone who uses satellite broadband to publish news – or distribute video and audio content – to obtain a license.

YouTube Blocks Videos From Adele, Green Day, Bob Dylan, Others in Dispute With SESAC

upstart writes:

YouTube blocks videos from Adele, Green Day, Bob Dylan, others in dispute with SESAC:

A number of YouTube videos featuring music from artists such as Adele, Green Day, Bob Dylan, Nirvana, and R.E.M. have been unplayable in the United States since Saturday.

For example, if you try to play Dylan's "Like A Rolling Stone" (whether it's the classic album recording or a live performance), you are instead told: "This video contains content from SESAC. It is not available in your country." Sometimes, you even get to watch a pre-roll ad before you see the message.

However, not all videos featuring these artists are blocked; it's not clear whether the playable videos are exempt from the current dispute or if they've simply been overlooked.

In statements to the press and on social media, YouTube blamed the situation on failed negotiations with SESAC, a performing rights group that says it represents more than 35,000 music artists and publishers.

"Unfortunately, despite our best efforts, we were unable to reach an equitable agreement before its expiration," YouTube said. "We take copyright very seriously and as a result, content represented by SESAC is no longer available on YouTube in the US. We are in active conversations with SESAC and are hoping to reach a new deal as soon as possible."

The situation echoes a dispute between Universal Music Group and TikTok earlier this year, which saw UMG pull songs by artists including Taylor Swift, Billie Eilish and Ariana Grande from the short-form video platform while it was negotiating over royalties.

Unlike UMG, SESAC isn't a record label, but rather an organization that collects royalties for songwriters and publishers, similar to ASCAP and BMI. In addition to the artists mentioned above, it also represents Burna Boy, George Clinton, Kenny Rogers, Kings of Leon, and many others.

Youtube Blocks Nirvana, Green Day, Adele And More Amidst U.S. Licensing Dispute

Arthur T Knackerbracket has processed the following story:

Music lovers are having a turbulent time online right now. Not only did Spotify suffer an outage on Sunday (though it was quickly fixed), YouTube has also suddenly stopped serving many popular tunes. Unfortunately, it seems as though this issue won't be rectified as easily.

YouTube users in the U.S. received an unwelcome surprise this weekend, with the video streaming platform suddenly blocking a significant swathe of music. Numerous videos are now unavailable, replaced by a black screen and dour notification where they had previously been readily accessible.

"This video contains content from SESAC," reads YouTube's notice. "It is not available in your country."

Arthur T Knackerbracket has processed the following story:

The value of X (formerly Twitter) continues to circle the toilet at an impressive rate.

The social media platform is now worth 79 percent less than what it was worth when Elon Musk purchased it, according to analysis by investor Fidelity.

The financial platform should know what it's talking about, too, because it helped Musk acquire X back in 2022 and owns a stake in the company. Fidelity's initial investment, per TechCrunch, was $19.66 million. Fidelity's latest financial report, meanwhile, lists the value of its X stake as $4,185,614.

That's a yikes-inducing decrease of around 79 percent.

In fairness, the writing has been on the wall for a while. In January 2024 Fidelity already valued its stake in X at 71.5 percent less, and recent documents made it clear just how much X's revenue has plummeted. Meanwhile, a new report has suggested that advertisers — who were already fleeing Musk's platform en masse — are planning to spend even less on X in 2025.

Elsewhere Brazil is battling the platform, and the number of X users in the U.S. and the UK is decreasing.

Not looking great, is it?

Original Submission

canopic jug writes:

Several sites, including OS Technix, are reporting that Arch will be collaborating with Valve. A heavily modified in-house Arch distro is used by Valve for SteamOS.

In an exciting development for the Linux community, Arch Linux has announced a new partnership with Valve, the company behind the Steam gaming platform and Steam Deck. This collaboration will see Valve financially support two major projects for Arch Linux: an improved build service infrastructure and a secure signing enclave.

[...] By providing freelance backing, Valve's support allows Arch Linux to work on these critical projects without being hindered by limitations in volunteer time. This will significantly accelerate progress and enable the Arch Linux team to tackle ambitious endeavours that would have otherwise taken much longer.

The collaboration will lead to the development of a robust build service infrastructure. This infrastructure will involve servers for building software, potentially similar to continuous integration systems. The system will likely manage compiling and distributing software, simplifying the process and reducing the need for custom setups for different devices.

The introduction of a secure signing enclave marks a significant advancement in security for Arch Linux. This enclave will leverage code signing to provide a higher level of assurance that packages downloaded from the official repositories haven't been tampered with. Users will be able to cryptographically verify the origin and integrity of software packages, making it much harder for malicious actors to distribute compromised software.

There is speculation that Valve might publicly release SteamOS in the future or that native support for games on GNU/Linux will improve greatly.

Previously:
(2021) Valve's Upcoming Steam Deck Will be Based on Arch Linux--Not Debian
(2015) Steam Now Has 1500 Linux-Compatible Game Titles
(2015) Valve's SteamOS Dreams Beginning to Look Like Reality

Original Submission

fliptop writes:

Last week, the House approved a resolution to block the Biden administration's emissions rule that would require more than half of the automobiles sold in the new-car market to be electric by 2032. The 215 representatives who voted for the bill, including eight Democrats, are far more in tune with most of the country than the White House:

Nationwide, the inventory of unsold EVs had grown by nearly 350% over the first half of 2024, creating "a 92-day supply — roughly three months' worth of EVs, and nearly twice the industry average," says Axios, which is 54 days for gasoline-powered vehicles.

Ford, which lost nearly $73,000 on each EV it sold in the second quarter of 2023, continues to yield to reality, now ditching its plans to build a large electric SUV. This "course change," says Just the News, "comes amid lower-than-expected demand for electric vehicles."

[...] "Based on where the market is and where the customer is, we will pivot and adjust and make those tough decisions," said John Lawler, Ford's chief financial officer.

[...] "Of the U.S. consumers planning on purchasing a new vehicle in the next 24 months, only 34% intend to purchase an EV, down 14% from 48% in the 2023," says Ernst & Young's Mobility Consumer Index, "a global survey of almost 20,000 consumers from 28 countries."

The story is much the same in Britain. EVs "are losing value at an 'unsustainable' rate as a slowdown in consumer demand sends used car prices tumbling," the Telegraph reported last week. Meanwhile in France, "the EU's second largest market for battery electric vehicles behind Germany," deliveries have fallen by a third.

Germans are likewise losing interest, as the country has "suffered a 'spectacular' drop in electric car sales as the European Union faces growing calls to delay its net zero vehicle targets," the Telegraph said in a separate story.

Related:

• Stellantis Lays Off Thousands of Workers after Pocketing Hundreds of Millions in EV Subsidies
• VW Turns on Germany as China Targets Europe's EV Blunders
• South Korean EV Battery Makers Reporting Big Losses as EV Demand Slows
• Tesla Lays Off 'More Than 10%' of its Global Workforce
• Why are All the EVs so Expensive?

Original Submission